The Plague Sweeping Through Healthcare IT
Hospitals see patients with viral infections on a regular basis. Most of the time, however, doctors can only treat the symptoms of the virus, and not the virus itself – that’s a job for the patient’s immune system to handle.
Like biological viruses, computer viruses that infect medical devices often cannot be treated directly. Once a virus creeps into the hospital system, it’s up to the system itself to fight it off. Due to the outdated nature of many of these healthcare devices, these exploits or infections are often catastrophic – causing healthcare IT and clinical/bio-meds departments to lose millions of dollars annually and putting patient care in jeopardy.
Below, we have listed a few common questions we’ve heard about the plague that is currently sweeping through healthcare IT.
Why is this even happening?
Let’s say your credit card gets stolen. You can call your bank, request a new credit card, and get whatever loss you sustained refunded, all within the same day.
If your health care records are stolen, you can’t deal with it as easily. A person’s health record contains highly private and sensitive information that provides a lifetime of opportunity for target exploitation. Healthcare records are up to 10 times as valuable as credit card records, making them a juicy target for opportunistic hackers.
Why can’t we sit back and let it run its course?
Every single day there are press articles on how WannaCry devastated a hospital, or how a new ransomware caused operational disruption that resulted in a hospital rerouting ambulances to nearby hospitals. The symptoms of these viruses can result in the loss of millions to the healthcare industry and cause widespread confusion and slowdown of processes in areas where quick thinking and careful treatment are necessary.
Why can’t we make our IT immune system stronger?
To bolster the “immune system” in hospital systems, IT professionals can upgrade and patch vulnerable systems to fend off attacks and give these devices better protection. However, upgrading and patching is incredibly difficult.
Unlike the auto-upgrades you may see on your laptop, medical device upgrades require a lot more individual attention. Manufacturers have a hard time rolling out patches for millions of units in the field because medical devices are embedded systems with a multitude of software components, each with potential security vulnerabilities, and patches also have to go through an unusually long FDA approval process.
Bringing equipment back to its original operating condition and guaranteeing that it is ready for patient usage is an arduous, expensive, and time-consuming process that has no guarantee of working. Protecting precious medical devices is a never-ending race. They will always lag the computer industry, for a good reason, and will always be vulnerable to hacking if left unattended.
Why can’t we go into full quarantine?
We live in a connected world where each device needs to record and report vital patient data to the healthcare management system, without manual intervention. Hospitals rely on cloud-based offerings, from enhanced radiology services to thermostats that monitor and preserve medical specimens stored in freezers.
In addition, because of the high costs of equipment, many hospitals lease or rent on a regular basis. Even the people employed by a hospital are often hired contractually, and hospitals have countless visitors that cannot be screened.
With remote clinic or telemedicine-based delivery, and countless mergers and acquisitions, healthcare IT staff are always challenged to offer the best patient care.
The Vaccine or Preventive Cure:
The recommendation from the manufacturing community calls for:
- Segregating network access (segmentation)
- Blocking internet connectivity
- Going back to standalone mode (segmentation)
This is no different than what NIST recommends, or HIPAA imposes on hospitals.
We at CloudPost are trying to help with all of these recommendations. We call our technology a “virtual-patch”. A virtual-patch provides compensating controls for medical devices by simply programming the installed base of switches, routers, and wireless access points to:
- Reduce the exposure of random devices spreading malware inside the corporate IT networks
- Control the type and amount of external traffic from/to the medical device
- Protect the precious medical devices in real time as soon as an issue arises
Even better, as the saying goes, “prevention is better than cure”: CloudPost allows IT to put pre-emptive controls in place that prevent malware and ransomware from gaining control of these medical devices.
It all starts with simple, diligent everyday hygiene. Having an accurate inventory of, and visibility into, what is connecting to the network day in and day out is the key. Continuously monitoring for malware exposure or vulnerability exploits and applying preventive measures is an absolute must. Watching internet communication and restricting it to a narrow set is even more critical.
Please stop by our booth at HIMSS 2018 to get a demo of our product that could help you along this journey. Together, we can make a change in the current landscape, one that is much desired and way overdue. Let us stop this hacking trend once and for all; we are excited to be part of this great mission.
CloudPost is in the Cybersecurity Command Center which is on Level 2 of The Venetian, in the Veronese Ballroom, Kiosk 11.